Biblio

Found 13190 results

2022-01-11
Roberts, Ciaran, Ngo, Sy-Toan, Milesi, Alexandre, Scaglione, Anna, Peisert, Sean, Arnold, Daniel.  2021.  Deep Reinforcement Learning for Mitigating Cyber-Physical DER Voltage Unbalance Attacks. 2021 American Control Conference (ACC). :2861–2867.
The deployment of DER with smart-inverter functionality is increasing the controllable assets on power distribution networks and, consequently, the cyber-physical attack surface. Within this work, we consider the use of reinforcement learning as an online controller that adjusts DER Volt/Var and Volt/Watt control logic to mitigate network voltage unbalance. We specifically focus on the case where a network-aware cyber-physical attack has compromised a subset of single-phase DER, causing a large voltage unbalance. We show how deep reinforcement learning successfully learns a policy minimizing the unbalance, both during normal operation and during a cyber-physical attack. In mitigating the attack, the learned stochastic policy operates alongside legacy equipment on the network, i.e. tap-changing transformers, adjusting optimally predefined DER control-logic.
Hu, Lei, Li, Guyue, Luo, Hongyi, Hu, Aiqun.  2021.  On the RIS Manipulating Attack and Its Countermeasures in Physical-Layer Key Generation. 2021 IEEE 94th Vehicular Technology Conference (VTC2021-Fall). :1–5.
Reconfigurable Intelligent Surface (RIS) is a new paradigm that enables the reconfiguration of the wireless environment. Based on this feature, RIS can be employed to facilitate Physical-layer Key Generation (PKG). However, this technique could also be exploited by the attacker to destroy the key generation process via manipulating the channel features at the legitimate user side. Specifically, this paper proposes a new RIS-assisted Manipulating attack (RISM) that reduces the wireless channel reciprocity by rapidly changing the RIS reflection coefficient in the uplink and downlink channel probing step in orthogonal frequency division multiplexing (OFDM) systems. The vulnerability of traditional key generation technology based on channel frequency response (CFR) under this attack is analyzed. Then, we propose a slewing rate detection method based on path separation. The attacked path is removed from the time domain and a flexible quantization method is employed to maximize the Key Generation Rate (KGR). The simulation results show that under RISM attack, when the ratio of the attack path variance to the total path variance is 0.17, the Bit Disagreement Rate (BDR) of the CFR-based method is greater than 0.25, and the KGR is close to zero. In addition, the proposed detection method can successfully detect the attacked path for SNR above 0 dB in the case of 16 rounds of probing and the KGR is 35 bits/channel use at 23.04 MHz bandwidth.
Foster, Rita, Priest, Zach, Cutshaw, Michael.  2021.  Infrastructure eXpression for Codified Cyber Attack Surfaces and Automated Applicability. 2021 Resilience Week (RWS). :1–4.
The internal laboratory directed research and development (LDRD) project Infrastructure eXpression (IX) at the Idaho National Laboratory (INL), is based on codifying infrastructure to support automatic applicability to emerging cyber issues, enabling automated cyber responses, codifying attack surfaces, and analysis of cyber impacts to our nation's most critical infrastructure. IX uses the Structured Threat Information eXpression (STIX) open international standard version 2.1 which supports STIX Cyber Observable (SCO) to codify infrastructure characteristics and exposures. Using these codified infrastructures, STIX Relationship Objects (SRO) connect to STIX Domain Objects (SDO) used for modeling cyber threat used to create attack surfaces integrated with specific infrastructure. This IX model creates a shareable, actionable and implementable attack surface that is updateable with emerging threat or infrastructure modifications. Enrichment of cyber threat information includes attack patterns, indicators, courses of action, malware and threat actors. Codifying infrastructure in IX enables creation of software and hardware bill of materials (SBoM/HBoM) information, analysis of emerging cyber vulnerabilities including supply chain threat to infrastructure.
Everson, Douglas, Cheng, Long.  2021.  Compressing Network Attack Surfaces for Practical Security Analysis. 2021 IEEE Secure Development Conference (SecDev). :23–29.
Testing or defending the security of a large network can be challenging because of the sheer number of potential ingress points that need to be investigated and evaluated for vulnerabilities. In short, manual security testing and analysis do not easily scale to large networks. While it has been shown that clustering can simplify the problem somewhat, the data structures and formats returned by the latest network mapping tools are not conducive to clustering algorithms. In this paper we introduce a hybrid similarity algorithm to compute the distance between two network services and then use those calculations to support a clustering algorithm designed to compress a large network attack surface by orders of magnitude. Doing so allows for new testing strategies that incorporate outlier detection and smart consolidation of test cases to improve accuracy and timeliness of testing. We conclude by presenting two case studies using an organization's network attack surface data to demonstrate the effectiveness of this approach.
Lee, Yun-kyung, Kim, Young-ho, Kim, Jeong-nyeo.  2021.  IoT Standard Platform Architecture That Provides Defense against DDoS Attacks. 2021 IEEE International Conference on Consumer Electronics-Asia (ICCE-Asia). :1–3.
IoT devices have evolved with the goal of becoming more connected. However, for security it is necessary to reduce the attack surface by allowing only necessary devices to be connected. In addition, as the number of IoT devices increases, DDoS attacks targeting IoT devices also increase. In this paper, we propose a method to apply the zero trust concept of SDP as a way to enhance security and prevent DDoS attacks in the IoT device network to which the OCF platform, one of the IoT standard platforms, is applied. The protocol proposed in this paper needs to perform additional functions in IoT devices, and the processing overhead due to the functions is 62.6ms on average. Therefore, by applying the method proposed in this paper, although there is a small amount of processing overhead, DDoS attacks targeting the IoT network can be defended and the security of the IoT network can be improved.
McCarthy, Andrew, Andriotis, Panagiotis, Ghadafi, Essam, Legg, Phil.  2021.  Feature Vulnerability and Robustness Assessment against Adversarial Machine Learning Attacks. 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). :1–8.
Whilst machine learning has been widely adopted for various domains, it is important to consider how such techniques may be susceptible to malicious users through adversarial attacks. Given a trained classifier, a malicious attack may attempt to craft a data observation whereby the data features purposefully trigger the classifier to yield incorrect responses. This has been observed in various image classification tasks, including falsifying road sign detection and facial recognition, which could have severe consequences in real-world deployment. In this work, we investigate how these attacks could impact on network traffic analysis, and how a system could perform misclassification of common network attacks such as DDoS attacks. Using the CICIDS2017 data, we examine how vulnerable the data features used for intrusion detection are to perturbation attacks using FGSM adversarial examples. As a result, our method provides a defensive approach for assessing feature robustness that seeks to balance between classification accuracy whilst minimising the attack surface of the feature space.
Li, Xiaolong, Zhao, Tengteng, Zhang, Wei, Gan, Zhiqiang, Liu, Fugang.  2021.  A Visual Analysis Framework of Attack Paths Based on Network Traffic. 2021 IEEE International Conference on Power Electronics, Computer Applications (ICPECA). :232–237.
With the rapid development of the Internet, cyberspace security has become a potentially huge problem. At the same time, the disclosure of cyberspace vulnerabilities is getting faster and faster. Traditional protection methods based on known features cannot effectively defend against new network attacks. Network attack is no more a single vulnerability exploit, but an APT attack based on multiple complicated methods. Cyberspace attacks have become "rationalized" on the surface. Currently, there are a lot of researches about visualization of attack paths, but there is no overall plan to reproduce the attack path. Most researches focus on the detection and characterization individual based on single behavior cyberspace attacks, which lose its abilities to help security personnel understand the complete attack behavior of attackers. The key factors of this paper is to collect the attackers' aggressive behavior by reverse retrospective method based on the actual shooting range environment. By finding attack nodes and dividing offensive behavior into time series, we can characterize the attacker's behavior path vividly and comprehensively.
Rahmansyah, Reyhan, Suryani, Vera, Arif Yulianto, Fazmah, Hidayah Ab Rahman, Nurul.  2021.  Reducing Docker Daemon Attack Surface Using Rootless Mode. 2021 International Conference on Software Engineering Computer Systems and 4th International Conference on Computational Science and Information Management (ICSECS-ICOCSIM). :499–502.
Containerization technology becomes one of alternatives in virtualization. Docker requires docker daemon to build, distribute and run the container and this makes the docker vulnerable to an attack surface called Docker daemon Attack Surface - an attack against docker daemon taking over the access (root). Using rootless mode is one way to prevent the attack. Therefore, this research demonstrates the attack prevention by making and running the docker container in the rootless mode. The success of the attack can be proven when the user is able to access the file /etc/shadow that is supposed to be only accessible for the rooted users. Findings of this research demonstrated that the file is inaccessible when the docker is run using the rootless mode. CPU usage is measured when the attack is being simulated using the docker run through root privileges and rootless mode, to identify whether the use of rootless mode in the docker adds the load of CPU usage and to what extent its increased. Results showed that the CPU use was 39% when using the docker with the rootless mode. Meanwhile, using the docker with the right of the root access was only 0%. The increase of 39% is commensurate with the benefit that can prevent the docker daemon attack surface.
2022-01-10
Mehra, Ankush, Badotra, Sumit.  2021.  Artificial Intelligence Enabled Cyber Security. 2021 6th International Conference on Signal Processing, Computing and Control (ISPCC). :572–575.
In the digital era, cyber security has become a serious problem. Information penetrates, wholesale fraud, manual human test breaking, and other comparable occurrences proliferate, influencing a large number of individuals just as organizations. The hindrances have consistently been endless in creating appropriate controls and procedures and putting them in place with utmost precision in order to deal with cyber-attacks. To recent developments in artificial intelligence, the danger of cyber-attacks has increased drastically. AI has affected everything from healthcare to robots. Because malicious hackers couldn't keep this ball of fire from them, "normal" cyber-attacks have grown into the "intelligent" cyber attacks. In this paper, the most promising artificial intelligence approaches are discussed. Researchers look at how such techniques may be used for cyber security. At last, the conversation concludes with a discussion about artificial intelligence's future and cyber security.
Al-Ameer, Ali, AL-Sunni, Fouad.  2021.  A Methodology for Securities and Cryptocurrency Trading Using Exploratory Data Analysis and Artificial Intelligence. 2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA). :54–61.
This paper discusses securities and cryptocurrency trading using artificial intelligence (AI) in the sense that it focuses on performing Exploratory Data Analysis (EDA) on selected technical indicators before proceeding to modelling, and then to develop more practical models by introducing new reward loss function that maximizes the returns during training phase. The results of EDA reveal that the complex patterns within the data can be better captured by discriminative classification models and this was endorsed by performing back-testing on two securities using Artificial Neural Network (ANN) and Random Forests (RF) as discriminative models against their counterpart Naïve Bayes as a generative model. To enhance the learning process, the new reward loss function is utilized to retrain the ANN with testing on AAPL, IBM, BRENT CRUDE and BTC using auto-trading strategy that serves as the intelligent unit, and the results indicate this loss superiorly outperforms the conventional cross-entropy used in predictive models. The overall results of this work suggest that there should be larger focus on EDA and more practical losses in the research of machine learning modelling for stock market prediction applications.
Ren, Sothearin, Kim, Jae-Sung, Cho, Wan-Sup, Soeng, Saravit, Kong, Sovanreach, Lee, Kyung-Hee.  2021.  Big Data Platform for Intelligence Industrial IoT Sensor Monitoring System Based on Edge Computing and AI. 2021 International Conference on Artificial Intelligence in Information and Communication (ICAIIC). :480–482.
The cutting edge of Industry 4.0 has driven everything to be converted to disruptive innovation and digitalized. This digital revolution is imprinted by modern and advanced technology that takes advantage of Big Data and Artificial Intelligence (AI) to nurture from automatic learning systems, smart city, smart energy, smart factory to the edge computing technology, and so on. To harness an appealing, noteworthy, and leading development in smart manufacturing industry, the modern industrial sciences and technologies such as Big Data, Artificial Intelligence, Internet of things, and Edge Computing have to be integrated cooperatively. Accordingly, a suggestion on the integration is presented in this paper. This proposed paper describes the design and implementation of big data platform for intelligence industrial internet of things sensor monitoring system and conveys a prediction of any upcoming errors beforehand. The architecture design is based on edge computing and artificial intelligence. To extend more precisely, industrial internet of things sensor here is about the condition monitoring sensor data - vibration, temperature, related humidity, and barometric pressure inside facility manufacturing factory.
Alamaniotis, Miltiadis.  2021.  Fuzzy Integration of Kernel-Based Gaussian Processes Applied to Anomaly Detection in Nuclear Security. 2021 12th International Conference on Information, Intelligence, Systems Applications (IISA). :1–4.
Advances in artificial intelligence (AI) have provided a variety of solutions in several real-world complex problems. One of the current trends contains the integration of various AI tools to improve the proposed solutions. The question that has to be revisited is how tools may be put together to form efficient systems suitable for the problem at hand. This paper frames itself in the area of nuclear security where an agent uses a radiation sensor to survey an area for radiological threats. The main goal of this application is to identify anomalies in the measured data that designate the presence of nuclear material that may consist of a threat. To that end, we propose the integration of two kernel modeled Gaussian processes (GP) by using a fuzzy inference system. The GP models utilize different types of information to make predictions of the background radiation contribution that will be used to identify an anomaly. The integration of the prediction of the two GP models is performed with means of fuzzy rules that provide the degree of existence of anomalous data. The proposed system is tested on a set of real-world gamma-ray spectra taken with a low-resolution portable radiation spectrometer.
Hu, Guangjun, Li, Haiwei, Li, Kun, Wang, Rui.  2021.  A Network Asset Detection Scheme Based on Website Icon Intelligent Identification. 2021 Asia-Pacific Conference on Communications Technology and Computer Science (ACCTCS). :255–257.
With the rapid development of the Internet and communication technologies, efficient management of cyberspace, safe monitoring and protection of various network assets can effectively improve the overall level of network security protection. Accurate, effective and comprehensive network asset detection is the prerequisite for effective network asset management, and it is also the basis for security monitoring and analysis. This paper proposed an artificial intelligence algorithm based scheme which accurately identify the website icon and help to determine the ownership of network assets. Through experiments based on data set collected from real network, the result demonstrate that the proposed scheme has higher accuracy and lower false alarm rate, and can effectively reduce the training cost.
Kalinin, Maxim O., Krundyshev, Vasiliy M.  2021.  Computational Intelligence Technologies Stack for Protecting the Critical Digital Infrastructures against Security Intrusions. 2021 Fifth World Conference on Smart Trends in Systems Security and Sustainability (WorldS4). :118–122.
Over the past decade, an infotelecommunication technology has made significant strides forward. With the advent of new generation wireless networks and the massive digitalization of industries, the object of protection has changed. The digital transformation has led to an increased opportunity for cybercriminals. The ability of computational intelligence to quickly process large amounts of data makes the intrusions tailored to specific environments. Polymorphic attacks that have mutations in their sequences of acts adapt to the communication environments, operating systems and service frameworks, and also try to deceive the defense tools. The poor protection of most Internet of Things devices allows the attackers to take control over them creating the megabotnets. In this regard, traditional methods of network protection become rigid and low-effective. The paper reviews a computational intelligence (CI) enabled software-defined network (SDN) for the network management, providing dynamic network reconfiguration to improve network performance and security control. Advanced machine learning and artificial neural networks are promising in detection of false data injections. Bioinformatics methods make it possible to detect polymorphic attacks. Swarm intelligence detects dynamic routing anomalies. Quantum machine learning is effective at processing the large volumes of security-relevant datasets. The CI technology stack provides a comprehensive protection against a variative cyberthreats scope.
Li, Yanjie.  2021.  The Application Analysis of Artificial Intelligence in Computer Network Technology. 2021 IEEE Asia-Pacific Conference on Image Processing, Electronics and Computers (IPEC). :1126–1129.
In the information age, computer network technology has covered different areas of social life and involved various fields, and artificial intelligence, as an emerging technology with a very rapid development momentum in recent years, is important in promoting the development of computer network systems. This article explains the concept of artificial intelligence technology, describes the problems faced by computer networks, further analyses the advantages of artificial intelligence and the inevitability of application in network technology, and then studies the application of artificial intelligence in computer network technology.
Vast, Rahul, Sawant, Shruti, Thorbole, Aishwarya, Badgujar, Vishal.  2021.  Artificial Intelligence Based Security Orchestration, Automation and Response System. 2021 6th International Conference for Convergence in Technology (I2CT). :1–5.
Cybersecurity is becoming very crucial in the today's world where technology is now not limited to just computers, smartphones, etc. It is slowly entering into things that are used on daily basis like home appliances, automobiles, etc. Thus, opening a new door for people with wrong intent. With the increase in speed of technology dealing with such issues also requires quick response from security people. Thus, dealing with huge variety of devices quickly will require some extent of automation in this field. Generating threat intelligence automatically and also including those which are multilingual will also add plus point to prevent well known major attacks. Here we are proposing an AI based SOAR system in which the data from various sources like firewalls, IDS, etc. is collected with individual event profiling using a deep-learning detection method. For this the very first step is that the collected data from different sources will be converted into a standardized format i.e. to categorize the data collected from different sources. For standardized format Here our system finds out about the true positive alert for which the appropriate/ needful steps will be taken such as the generation of Indicators of Compromise report and the additional evidences with the help of Security Information and Event Management system. The security alerts will be notified to the security teams with the degree of threat.
He, Zewei.  2021.  Communication Engineering Application System Based on Artificial Intelligence Technology. 2021 6th International Conference on Smart Grid and Electrical Automation (ICSGEA). :366–369.
In order to overcome a series of problems in the application process of traditional communication engineering in the new era, such as information security, this paper proposes a novel communication engineering application system based on artificial intelligence technology. The application system fully combines the artificial intelligence technology, and applies the artificial intelligence thinking to the reform of traditional communication engineering. Based on this, the application strategy also fully combines the application and development of 5g technology, and strengthens the security of communication engineering in the application process from many aspects. The results show that the application system can give full play to the role of artificial intelligence technology and improve the security of communication process as much as possible, which lays a good foundation for the further development of 5g technology.
Xu, Ling.  2021.  Application of Artificial Intelligence and Big Data in the Security of Regulatory Places. 2021 International Conference on Artificial Intelligence and Electromechanical Automation (AIEA). :210–213.
This paper analyzes the necessity of artificial intelligence and big data in the security application of regulatory places. The author studies the specific application of artificial intelligence and big data in ideological dynamics management, access control system, video surveillance system, emergency alarm system, perimeter control system, police inspection system, daily behavior management, and system implementation management. The author puts forward how to do technical integration, improve information sharing, strengthen the construction of talents, and increase management fund expenditure. The purpose of this paper is to enhance the security management level of regulatory places and optimize the management environment of regulatory places.
Takey, Yuvraj Sanjayrao, Tatikayala, Sai Gopal, Samavedam, Satyanadha Sarma, Lakshmi Eswari, P R, Patil, Mahesh Uttam.  2021.  Real Time early Multi Stage Attack Detection. 2021 7th International Conference on Advanced Computing and Communication Systems (ICACCS). 1:283–290.
In recent times, attackers are continuously developing advanced techniques for evading security, stealing personal financial data, Intellectual Property (IP) and sensitive information. These attacks often employ multiple attack vectors for gaining initial access to the systems. Analysts are often challenged to identify malware objective, initial attack vectors, attack propagation, evading techniques, protective mechanisms and unseen techniques. Most of these attacks are frequently referred to as Multi stage attacks and pose a grave threat to organizations, individuals and the government. Early multistage attack detection is a crucial measure to counter malware and deactivate it. Most traditional security solutions use signature-based detection, which frequently fails to thwart zero-day attacks. Manual analysis of these samples requires enormous effort for effectively counter exponential growth of malware samples. In this paper, we present a novel approach leveraging Machine Learning and MITRE Adversary Tactic Technique and Common knowledge (ATT&CK) framework for early multistage attack detection in real time. Firstly, we have developed a run-time engine that receives notification while malicious executable is downloaded via browser or a launch of a new process in the system. Upon notification, the engine extracts the features from static executable for learning if the executable is malicious. Secondly, we use the MITRE ATT&CK framework, evolved based on the real-world observations of the cyber attacks, that best describes the multistage attack with respect to the adversary Tactics, Techniques and Procedure (TTP) for detecting the malicious executable as well as predict the stages that the malware executes during the attack. Lastly, we propose a real-time system that combines both these techniques for early multistage attack detection. The proposed model has been tested on 6000 unpacked malware samples and it achieves 98 % accuracy. 
The other major contribution in this paper is identifying the Windows API calls for each of the adversary techniques based on the MITRE ATT&CK.
Acharya, Abiral, Oluoch, Jared.  2021.  A Dual Approach for Preventing Blackhole Attacks in Vehicular Ad Hoc Networks Using Statistical Techniques and Supervised Machine Learning. 2021 IEEE International Conference on Electro Information Technology (EIT). :230–235.
Vehicular Ad Hoc Networks (VANETs) have the potential to improve road safety and reduce traffic congestion by enhancing sharing of messages about road conditions. Communication in VANETs depends upon a Public Key Infrastructure (PKI) that checks for message confidentiality, integrity, and authentication. One challenge that the PKI infrastructure does not eliminate is the possibility of malicious vehicles mounting a Distributed Denial of Service (DDoS) attack. We present a scheme that combines statistical modeling and machine learning techniques to detect and prevent blackhole attacks in a VANET environment. Simulation results demonstrate that on average, our model produces an Area Under The Curve (ROC) and Receiver Operating Characteristics (AUC) score of 96.78% which is much higher than a no skill ROC AUC score and only 3.22% away from an ideal ROC AUC score. Considering all the performance metrics, we show that the Support Vector Machine (SVM) and Gradient Boosting classifier are more accurate and perform consistently better under various circumstances. Both have an accuracy of over 98%, F1-scores of over 95%, and ROC AUC scores of over 97%. Our scheme is robust and accurate as evidenced by its ability to identify and prevent blackhole attacks. Moreover, the scheme is scalable in that addition of vehicles to the network does not compromise its accuracy and robustness.
Xu, Baoyue, Du, Dajun, Zhang, Changda, Zhang, Jin.  2021.  A Honeypot-based Attack Detection Method for Networked Inverted Pendulum System. 2021 40th Chinese Control Conference (CCC). :8645–8650.
The data transmitted via the network may be vulnerable to cyber attacks in networked inverted pendulum system (NIPS), how to detect cyber attacks is a challenging issue. To solve this problem, this paper investigates a honeypot-based attack detection method for NIPS. Firstly, honeypot for NIPS attack detection (namely NipsPot) is constructed by deceptive environment module of a virtual closed-loop control system, and the stealthiness of typical covert attacks is analysed. Secondly, attack data is collected by NipsPot, which is used to train supported vector machine (SVM) model for attack detection. Finally, simulation results demonstrate that NipsPot-based attack detector can achieve the accuracy rate of 99.78%, the precision rate of 98.75%, and the recall rate of 100%.
Freas, Christopher B., Shah, Dhara, Harrison, Robert W.  2021.  Accuracy and Generalization of Deep Learning Applied to Large Scale Attacks. 2021 IEEE International Conference on Communications Workshops (ICC Workshops). :1–6.
Distributed denial of service attacks threaten the security and health of the Internet. Remediation relies on up-to-date and accurate attack signatures. Signature-based detection is relatively inexpensive computationally. Yet, signatures are inflexible when small variations exist in the attack vector. Attackers exploit this rigidity by altering their attacks to bypass the signatures. Our previous work revealed a critical problem with conventional machine learning models. Conventional models are unable to generalize on the temporal nature of network flow data to classify attacks. We thus explored the use of deep learning techniques on real flow data. We found that a variety of attacks could be identified with high accuracy compared to previous approaches. We show that a convolutional neural network can be implemented for this problem that is suitable for large volumes of data while maintaining useful levels of accuracy.
Ugwu, Chukwuemeka Christian, Obe, Olumide Olayinka, Popoọla, Olugbemiga Solomon, Adetunmbi, Adebayo Olusọla.  2021.  A Distributed Denial of Service Attack Detection System using Long Short Term Memory with Singular Value Decomposition. 2020 IEEE 2nd International Conference on Cyberspac (CYBER NIGERIA). :112–118.
The increase in online activity during the COVID 19 pandemic has generated a surge in network traffic capable of expanding the scope of DDoS attacks. Cyber criminals can now afford to launch massive DDoS attacks capable of degrading the performances of conventional machine learning based IDS models. Hence, there is an urgent need for an effective DDoS attack detective model with the capacity to handle large magnitude of DDoS attack traffic. This study proposes a deep learning based DDoS attack detection system using Long Short Term Memory (LSTM). The proposed model was evaluated on UNSW-NB15 and NSL-KDD intrusion datasets, whereby twenty-three (23) and twenty (20) attack features were extracted from UNSW-NB15 and NSL-KDD, respectively using Singular Value Decomposition (SVD). The results from the proposed model show significant improvement when compared with results from some conventional machine learning techniques such as Naïve Bayes (NB), Decision Tree (DT), and Support Vector Machine (SVM) with accuracies of 94.28% and 90.59% on both datasets, respectively. Furthermore, comparative analysis of LSTM with other deep learning results reported in literature justified the choice of LSTM among its deep learning peers in detecting DDoS attacks over a network.
Shirmarz, Alireza, Ghaffari, Ali, Mohammadi, Ramin, Akleylek, Sedat.  2021.  DDOS Attack Detection Accuracy Improvement in Software Defined Network (SDN) Using Ensemble Classification. 2021 International Conference on Information Security and Cryptology (ISCTURKEY). :111–115.
Nowadays, Denial of Service (DOS) is a significant cyberattack that can happen on the Internet. This attack can be taken place with more than one attacker that in this case called Distributed Denial of Service (DDOS). The attackers endeavour to make the resources (server & bandwidth) unavailable to legitimate traffic by overwhelming resources with malicious traffic. An appropriate security module is needed to discriminate the malicious flows with high accuracy to prevent the failure resulting from a DDOS attack. In this paper, a DDoS attack discriminator will be designed for Software Defined Network (SDN) architecture so that it can be deployed in the POX controller. The simulation results present that the proposed model can achieve an accuracy of about 99.4%, which shows an outstanding percentage of improvement compared with Decision Tree (DT), K-Nearest Neighbour (KNN), Support Vector Machine (SVM) approaches.
Khan, Ausaf Umar, Chawhan, Manish Devendra, Mushrif, Milind Madhukar, Neole, Bhumika.  2021.  Performance Analysis of Adhoc On-demand Distance Vector Protocol under the influence of Black-Hole, Gray-Hole and Worm-Hole Attacks in Mobile Adhoc Network. 2021 5th International Conference on Intelligent Computing and Control Systems (ICICCS). :238–243.
Adhoc On-demand Distance Vector (AODV) is the well-known reactive routing protocol of Mobile Adhoc Network (MANET). Absence of security mechanism in AODV disturbs the routing because of misbehavior of attack and hence, degrades MANET's performance. Secure and efficient routing is a need of various commercial and non-commercial applications of MANET including military and war, disaster and earthquake, and riot control. This paper presents a design of important network layer attacks include black-hole (BH), gray-hole (GH) and worm-hole (WH) attacks. The performance analysis of AODV protocol is carried out under the influence of each designed attack by using the network simulator, NetSim. Simulation results show that, the network layer attacks affect packet delivery ability of AODV protocol with low energy consumption and in short time. Design of attacks helps to understand attack's behavior and hence, to develop security mechanism in AODV.